Security: dnnsoftware/Dnn.Platform
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Stored XSS via Module TitleGHSA-w9pf-h6m6-v89h published
Jan 27, 2026 by valadasCritical -
Stored XSS in Module Deletion Confirmation ModalGHSA-vm5q-8qww-h238 published
Jan 27, 2026 by valadasHigh -
Stored XSS in Scheduler LogNotesGHSA-2g5g-hcgh-q3rp published
Jan 27, 2026 by valadasHigh -
Stored XSS in Module DescriptionGHSA-9r3h-mpf8-25gj published
Jan 27, 2026 by valadasHigh -
Potential XSS vulnerability in modules' header and footerGHSA-jjwg-4948-6wxp published
Jan 27, 2026 by valadasModerate -
Insufficient Access Control - Image Upload allows for Site Content OverwriteGHSA-3m8r-w7xg-jqvw published
Oct 28, 2025 by valadasCritical -
Stored cross-site-scripting (XSS) via SVG uploadGHSA-hmvq-8p83-cq52 published
Oct 28, 2025 by valadasModerate -
CKEditor Provider allows unauthenticated upload out-of-the-boxGHSA-2374-6cvw-qmx6 published
Oct 28, 2025 by valadasModerate -
Vulnerability in CKEditor's File Uploader functionality through Unicode obfuscationGHSA-cgqj-mw4m-v7hp published
Sep 23, 2025 by valadasModerate -
NTLM hash leakage via SMB Share Interaction with malicious user inputGHSA-mgfv-2362-jq96 published
Jun 20, 2025 by valadasHigh